{"id":17640,"date":"2025-03-07T16:45:22","date_gmt":"2025-03-07T15:45:22","guid":{"rendered":"https:\/\/immune.institute\/?post_type=proyecto&#038;p=17640"},"modified":"2025-10-07T10:51:41","modified_gmt":"2025-10-07T08:51:41","slug":"aws-goat-cruce-entre-ciberseguridad-nube","status":"publish","type":"proyectos","link":"https:\/\/immune.institute\/en\/proyectos\/aws-goat-cruce-entre-ciberseguridad-nube\/","title":{"rendered":"AWS Goat: The crossover between cybersecurity and the cloud"},"content":{"rendered":"<div class=\"wp-block-columns is-layout-flex wp-container-core-columns-is-layout-f72ede8d wp-block-columns-is-layout-flex\" style=\"margin-top:0;margin-bottom:0\">\n<div class=\"wp-block-column is-layout-flow wp-block-column-is-layout-flow\">\n<p class=\"wp-block-paragraph\">Cloud adoption means that the right cyber security configurations need to be in place in order to avoid vulnerabilities. To do this, you need to be able to identify them correctly.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">The AWS Goat service enables simulations of attacks within the AWS environment to assess the security of the cloud infrastructure. This service makes it easier to understand common vulnerabilities in the cloud, so that the cybersecurity team can protect the organisation's critical data and services.<\/p>\n<\/div>\n\n\n\n<div class=\"wp-block-column is-layout-flow wp-block-column-is-layout-flow\">\n<p class=\"card card-light wp-block-paragraph\"><strong><mark style=\"background-color:rgba(0, 0, 0, 0)\" class=\"has-inline-color has-accent-1-color\">Carried out by<\/mark><\/strong> <a href=\"https:\/\/www.linkedin.com\/in\/sofia-martinez-cruz\/\" target=\"_blank\" rel=\"noopener\">Sofia Martinez<\/a> | <a href=\"https:\/\/www.linkedin.com\/in\/marco-funes-ephirium\/\" target=\"_blank\" rel=\"noopener\">Marco Funes<\/a> | <a href=\"https:\/\/www.linkedin.com\/in\/alam-p-a0a5231a4\/\" target=\"_blank\" rel=\"noopener\">Alam P\u00e9rez Aguiar<\/a> | Emilio Ocejo<\/p>\n\n\n\n<p class=\"card card-light wp-block-paragraph\"><strong>Qualification<\/strong> <a href=\"https:\/\/immune.institute\/en\/programas\/master-online-de-ciberseguridad\/\">Cybersecurity Master<\/a><\/p>\n\n\n\n<p class=\"card card-light wp-block-paragraph\"><strong>Technologies<\/strong> AWS Goat | GitHub | GitHub | Terraform Apply | NMAP | BurpSuite | AWS CLI | OWASP ZAP | SSH<\/p>\n<\/div>\n<\/div>\n\n\n\n<div class=\"wp-block-group is-layout-constrained wp-block-group-is-layout-constrained\" style=\"margin-top:var(--wp--preset--spacing--50);margin-bottom:var(--wp--preset--spacing--50)\">\n<h2 class=\"wp-block-heading\">What is the motivation? <\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">Migrating from on-premise servers to the cloud means that security no longer only applies to the hardware and devices you have in your organisation, but extends to your chosen cloud environment. The provider is responsible for part of that security, but customers also have their share of the responsibility. In order to understand the weaknesses of this type of environment, services such as AWS Goat are used to simulate attacks and carry out a pentesting process to identify vulnerabilities and study possible solutions. <\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Program aims <\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Identify misconfigurations and OWASP vulnerabilities in the AWS Goat infrastructure.<\/li>\n\n\n\n<li>Analyse the impact that the vulnerabilities found may have on the infrastructure.<\/li>\n\n\n\n<li>Propose and validate solutions to mitigate vulnerabilities within the AWS environment.<\/li>\n<\/ul>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" width=\"1024\" height=\"462\" src=\"https:\/\/immune.institute\/wp-content\/uploads\/2025\/03\/179526761-7f473e3d-f71c-429d-bf49-16958c5cb7a6-1024x462.png\" alt=\"\" class=\"wp-image-17648\" srcset=\"https:\/\/immune.institute\/wp-content\/uploads\/2025\/03\/179526761-7f473e3d-f71c-429d-bf49-16958c5cb7a6-1024x462.png 1024w, https:\/\/immune.institute\/wp-content\/uploads\/2025\/03\/179526761-7f473e3d-f71c-429d-bf49-16958c5cb7a6-256x115.png 256w, https:\/\/immune.institute\/wp-content\/uploads\/2025\/03\/179526761-7f473e3d-f71c-429d-bf49-16958c5cb7a6-512x231.png 512w, https:\/\/immune.institute\/wp-content\/uploads\/2025\/03\/179526761-7f473e3d-f71c-429d-bf49-16958c5cb7a6-768x346.png 768w, https:\/\/immune.institute\/wp-content\/uploads\/2025\/03\/179526761-7f473e3d-f71c-429d-bf49-16958c5cb7a6-1536x693.png 1536w, https:\/\/immune.institute\/wp-content\/uploads\/2025\/03\/179526761-7f473e3d-f71c-429d-bf49-16958c5cb7a6-18x8.png 18w, https:\/\/immune.institute\/wp-content\/uploads\/2025\/03\/179526761-7f473e3d-f71c-429d-bf49-16958c5cb7a6.png 1767w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n<\/div>\n\n\n\n<div class=\"wp-block-group is-layout-constrained wp-block-group-is-layout-constrained\" style=\"margin-top:var(--wp--preset--spacing--50);margin-bottom:var(--wp--preset--spacing--50)\">\n<h2 class=\"wp-block-heading\">Development <\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">The cloud brings a new element that must be correctly configured in terms of cybersecurity. In order to understand this new environment in the most appropriate way possible, the following has been done: <\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Information gathering<\/strong>In order to find a vulnerability, it is crucial to collect as much information as possible about the entire environment. Scans of ports and services, enumerations of buckets, users and policies, as well as analysis of HTTP requests were performed.<\/li>\n\n\n\n<li><strong>Identification of vulnerabilities<\/strong>Once the necessary elements were collected, detailed information on the files identified as sensitive was obtained. In parallel, we also worked on applications, intercepting and modifying them.<\/li>\n\n\n\n<li><strong>Exploitation of vulnerabilities<\/strong>The weaknesses found were transformed into attack vectors, gaining remote access to servers, exploiting credentials to create users and modify policies, and exploiting vulnerabilities.<\/li>\n<\/ul>\n<\/div>\n\n\n\n<h2 class=\"wp-block-heading\">Results <\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">Studying the vulnerabilities allowed various types of tests to be carried out to test the criticality of these weaknesses:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Injection of JavaScript code into search forms to manipulate sessions and steal credentials.<\/li>\n\n\n\n<li>SQL injection into user input fields to gain unauthorised access to critical user data.<\/li>\n\n\n\n<li>Manipulation of requests to access local files on the server, which collected AWS credentials, and enumerate users in EC2, which facilitated privilege escalation.<\/li>\n\n\n\n<li>Accessing configuration files, exposing public keys, AWS credentials and critical configurations.<\/li>\n\n\n\n<li>Manipulation of file paths to access internal files containing keys and settings.<\/li>\n\n\n\n<li>Use of obtained credentials to create IAM users and modify policies in order to gain administrative permissions.<\/li>\n<\/ul>\n\n\n\n<figure class=\"wp-block-image size-full\"><img decoding=\"async\" width=\"846\" height=\"450\" src=\"https:\/\/immune.institute\/wp-content\/uploads\/2025\/03\/Captura-de-pantalla-2025-03-05-120919.png\" alt=\"\" class=\"wp-image-17649\" srcset=\"https:\/\/immune.institute\/wp-content\/uploads\/2025\/03\/Captura-de-pantalla-2025-03-05-120919.png 846w, https:\/\/immune.institute\/wp-content\/uploads\/2025\/03\/Captura-de-pantalla-2025-03-05-120919-256x136.png 256w, https:\/\/immune.institute\/wp-content\/uploads\/2025\/03\/Captura-de-pantalla-2025-03-05-120919-512x272.png 512w, https:\/\/immune.institute\/wp-content\/uploads\/2025\/03\/Captura-de-pantalla-2025-03-05-120919-768x409.png 768w, https:\/\/immune.institute\/wp-content\/uploads\/2025\/03\/Captura-de-pantalla-2025-03-05-120919-18x10.png 18w\" sizes=\"(max-width: 846px) 100vw, 846px\" \/><\/figure>\n\n\n\n<div class=\"wp-block-group is-layout-constrained wp-block-group-is-layout-constrained\" style=\"margin-top:var(--wp--preset--spacing--50);margin-bottom:var(--wp--preset--spacing--50)\">\n<h2 class=\"wp-block-heading\">Conclusions<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">The audit revealed multiple critical vulnerabilities, especially in elements related to access controls, exposure of sensitive data and code injections. These required urgent mitigation by strengthening access policies and credential management. Strict recommendations and controls were also implemented, culminating in constant review and monitoring to ensure the continued protection of cloud resources.<\/p>\n<\/div>","protected":false},"excerpt":{"rendered":"<p>AWS Goat is an essential service from AWS for securing your cloud environment. Its use enables organisations that choose to use the cloud for their data and services to understand and prepare for all types of vulnerabilities, giving them peace of mind.<\/p>","protected":false},"featured_media":17696,"menu_order":0,"template":"","area":[245],"class_list":["post-17640","proyectos","type-proyectos","status-publish","has-post-thumbnail","hentry","area-cyber"],"acf":[],"_links":{"self":[{"href":"https:\/\/immune.institute\/en\/wp-json\/wp\/v2\/proyectos\/17640","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/immune.institute\/en\/wp-json\/wp\/v2\/proyectos"}],"about":[{"href":"https:\/\/immune.institute\/en\/wp-json\/wp\/v2\/types\/proyectos"}],"version-history":[{"count":0,"href":"https:\/\/immune.institute\/en\/wp-json\/wp\/v2\/proyectos\/17640\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/immune.institute\/en\/wp-json\/wp\/v2\/media\/17696"}],"wp:attachment":[{"href":"https:\/\/immune.institute\/en\/wp-json\/wp\/v2\/media?parent=17640"}],"wp:term":[{"taxonomy":"area","embeddable":true,"href":"https:\/\/immune.institute\/en\/wp-json\/wp\/v2\/area?post=17640"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}